High severity7.2NVD Advisory· Published May 12, 2026· Updated May 15, 2026
CVE-2026-8051
CVE-2026-8051
Description
OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Affected products
5cpe:2.3:a:ivanti:virtual_traffic_manager:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:ivanti:virtual_traffic_manager:*:*:*:*:*:*:*:*range: <=22.8
- cpe:2.3:a:ivanti:virtual_traffic_manager:22.9:r1:*:*:*:*:*:*
- cpe:2.3:a:ivanti:virtual_traffic_manager:22.9:r2:*:*:*:*:*:*
- cpe:2.3:a:ivanti:virtual_traffic_manager:22.9:r3:*:*:*:*:*:*
- (no CPE)range: <22.9r4
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.